3af84b4f0dd4802033d519c48549dc0184f491c181534b2842e78449d043784a

Sharing

Copy URL

Twitter E-mail

General

Target

3af84b4f0dd4802033d519c48549dc0184f491c181534b2842e78449d043784a
Size

6.6MB
MD5

17dfd123301150ff75d5abda2c4553de
SHA1

5a42967b628262b118fea3bedda6612f4581b5fb
SHA256

3af84b4f0dd4802033d519c48549dc0184f491c181534b2842e78449d043784a
SHA512

9c6b4c7cda58dc1467b6626eccbd86d09ffd5e13156b7ba30141e6a03dd37e2611392f12b473f72ac14dc7e71c1a15ba2faa09340cba00f370974be33d28e466
SSDEEP

98304:OpnQ/oeSPGNA8IN433D2Vxd7jnXhAsyNgNK1oZUN44XGRBOJw2S+9rVPUQfjKbzg:8cn0i3TGxdXuHKAaZE4HRefScrHe6zY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3af84b4f0dd4802033d519c48549dc0184f491c181534b2842e78449d043784a

Files

3af84b4f0dd4802033d519c48549dc0184f491c181534b2842e78449d043784a
.exe windows:6 windows x86 arch:x86

63554e89e5542270c26964e89fb48a8b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetCPInfo
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
InterlockedPopEntrySList
GetModuleHandleExW
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
HeapFree
LoadLibraryExW
ExitThread
CreateThread
CreateSemaphoreW
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LCMapStringW
GetConsoleMode
SetFilePointerEx
LoadLibraryW
SetStdHandle
GetSystemTime
OpenFileMappingA
GetThreadTimes
TlsAlloc
DeleteCriticalSection
GetStringTypeW
GetDateFormatW
GetOEMCP
GlobalUnlock
TerminateProcess
Beep
IsProcessorFeaturePresent
GetFileAttributesA
GetSystemTimeAdjustment
Sleep
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetProcessTimes
GetCommandLineA
ClearCommBreak
GetSystemTimeAsFileTime
GetTickCount
ConnectNamedPipe
GetCommState
FreeLibrary
GetLocaleInfoA
GetEnvironmentVariableW
EnumSystemLocalesW
CloseHandle
CreatePipe
LoadLibraryA
FindClose
GlobalFree
FlushFileBuffers
GetACP
CreateFileW
GetSystemDirectoryA
GetConsoleCP
OpenProcess
GetWindowsDirectoryA
GlobalLock
VirtualQuery
MultiByteToWideChar
GetProcAddress
GetModuleHandleW
DuplicateHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapReAlloc
GetCommandLineW
RaiseException
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
CreateEventW
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
WriteConsoleW

user32

ToAsciiEx
GetSystemMenu
SetTimer
HideCaret
GetWindowRect
CreateDialogParamA
GetMessageW
PostQuitMessage
SetKeyboardState
SetCapture
IsZoomed
GetParent
SetFocus
WaitMessage
InflateRect
CreateDialogIndirectParamA
GetWindowTextA
SetWindowLongA
MessageBoxA
UnionRect
UnregisterClassA
PeekMessageA
EnableMenuItem
SetClassLongA
EndDialog
DestroyCursor
ShowWindow
EnableScrollBar
FlashWindow
CreateWindowExW
InsertMenuA
SendMessageW
UpdateWindow
EndMenu
DestroyMenu
DialogBoxParamA
ToUnicode
DrawFrameControl
CheckMenuItem
GetMessageTime
GetKeyboardLayout
EndPaint
DestroyWindow
TrackPopupMenu
DrawIconEx
LoadStringA
CreateIconIndirect
GetDC
SetRect
CheckMenuRadioItem
InvalidateRect
GetWindowLongA
ScrollWindow
SetWindowsHookExA
GetDesktopWindow
SetMenu
CreatePopupMenu
IsDlgButtonChecked
CreateCaret
IsWindow
CheckRadioButton
SystemParametersInfoA
ScrollWindowEx
ValidateRgn
DestroyIcon
SetDlgItemTextA
SetScrollInfo
EnableWindow

gdi32

GetBitmapBits
ExtCreatePen
SetLayout
BitBlt
PatBlt
GetMetaFileBitsEx
StretchBlt
CopyEnhMetaFileA
CreatePalette
GetRegionData
PtInRegion
Ellipse
ExtCreateRegion
RealizePalette
GetObjectType
GetDIBColorTable
GetCharABCWidthsW
GetCharWidth32A
GetCharABCWidthsFloatA
GetSystemPaletteEntries
Polyline
GetClipBox
RectVisible
RoundRect
GetPixel
EndDoc
SetWinMetaFileBits
CreatePolygonRgn
Arc
GetCharacterPlacementW
DeleteDC
Polygon
GetDeviceCaps
GetRgnBox
SetPixel
CreateBitmap
Rectangle
OffsetRgn
SetPolyFillMode
GetTextExtentPointW
GetTextExtentPointA
SetROP2
IntersectClipRect
GetStockObject
CreateEnhMetaFileW
RestoreDC
CreateDIBitmap

advapi32

AdjustTokenPrivileges
GetLengthSid
AllocateAndInitializeSid
LookupPrivilegeValueW
SetSecurityDescriptorDacl
RegOpenKeyExW
RegOpenKeyExA
InitializeSecurityDescriptor
RegDeleteKeyA
OpenProcessToken

shell32

ShellExecuteExW

Sections

.text
Size: 667KB - Virtual size: 667KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BhYR
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63554e89e5542270c26964e89fb48a8b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 667KB - Virtual size: 667KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 6KB

.BhYR Size: 3KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 667KB - Virtual size: 667KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 6KB

.BhYR
Size: 3KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB